Fixes #61

[sappenin]

Fixes #61

• Add java.io.Serializable interface to EdDSAPublicKey and EdDSAPrivateKey class heirarchies.
• Add Java Serialization unit test coverage for EdDSAPublicKey and EdDSAPrivateKey.

Signed-off-by: sappenin [email protected]

[str4d]

Thanks for the PR!

It's been a while since I last had my head in this code, so I'm going to take a bit of time to make sure that these changes make sense in the context of the overall API (and potential changes I am currently sketching out). So I will probably not get to reviewing this in depth this month.

[str4d]

Okay, I've had time to get my head back into the codebase. Short answer is, I won't merge this PR as-is, because it causes the internal representations of GroupElement to be used as a serialization format, which is not good: they are in no way canonical, and may change at any time. It was a mistake on my part (back when I first wrote this library four years ago) to allow java.io.Serializable to be blanket-applied to EdDSAPublicKey and EdDSAPrivateKey. Fortunately the bug in #61 meant that no one has used it up to this point (at least without forking the library, at which point they are on their own).

Instead, we should override the java.io.Serializable functions to internally serialize using the canonical encodings of the private key and public key. I'm not sure whether that should be the X.509 format, or the canonical encoding of the underlying GroupElement, but given that it is a serialization of EdDSAPublicKey etc. I think the former makes sense.

[str4d]

I've implemented the core of this in cryptography-cafe/curve25519-elisabeth#21